GNU bug report logs - #34655
26.1.92; Segfault in module with --module-assertions


Package: emacs;

Reported by: "Basil L. Contovounesios" <contovob <at> tcd.ie>

Date: Mon, 25 Feb 2019 21:02:01 UTC

Severity: normal

Merged with 31238

Found in version 26.1.92

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.


From: Eli Zaretskii <eliz <at> gnu.org>
To: "Basil L. Contovounesios" <contovob <at> tcd.ie>
Cc: 34655 <at> debbugs.gnu.org
Subject: bug#34655: 26.1.92; Segfault in module with --module-assertions
Date: Tue, 26 Feb 2019 17:45:21 +0200

> From: "Basil L. Contovounesios" <contovob <at> tcd.ie>
> Date: Mon, 25 Feb 2019 21:00:41 +0000
> 
> Starting program: /home/blc/.local/src/emacs26/src/emacs -Q --module-assertions
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
> [New Thread 0x7ffff01cb700 (LWP 8299)]
> [New Thread 0x7fffef9ac700 (LWP 8300)]
> [New Thread 0x7fffef1ab700 (LWP 8301)]
> 
> Thread 1 "emacs" received signal SIGSEGV, Segmentation fault.
> re_search_2 (bufp=0xbf5d00 <searchbufs+384>, str1=0x0, size1=0, str2=0x0, size2=18, startpos=0, 
>     range=18, regs=0x0, stop=18) at regex.c:4354
> 4354				buf_ch = STRING_CHAR_AND_LENGTH (d, buf_charlen);
> #0  0x0000000000608594 in re_search_2
>     (bufp=0xbf5d00 <searchbufs+384>, str1=0x0, size1=0, str2=0x0, size2=18, startpos=0, range=18, regs=0x0, stop=18) at regex.c:4354
>         buf_charlen = 0
>         irange = 18
>         lim = 0
>         d = 0x0
>         buf_ch = 18
>         val = 691541629
>         string1 = 0x0
>         string2 = 0x0
>         fastmap = 0xbf5d38 <searchbufs+440> ""
>         translate = make_number(0)
>         total_size = 18
>         endpos = 18
>         anchored_start = 0 '\000'
>         multibyte = 1 '\001'
> #1  0x0000000000607f91 in re_search
>     (bufp=0xbf5d00 <searchbufs+384>, string=0x0, size=18, startpos=0, range=18, regs=0x0)
>     at regex.c:4181
> #2  0x00000000005f3fd0 in fast_string_match_internal
>     (regexp=XIL(0x8c761c), string=XIL(0x3036ec4), table=XIL(0)) at search.c:485
>         val = 140737488336288
>         bufp = 0xbf5d00 <searchbufs+384>

Here's your problem: fast_string_match_internal got a Lisp
string=XIL(0x3036ec4), but its data passed to re_search as the 2nd arg
is a NULL pointer.  You need to find out how this happens, e.g. by
setting a watchpoint on string's data inside Ffile_name_as_directory.
Or maybe the string is already corrupted there?




This bug report was last modified 6 years and 61 days ago.
